Checkpoint firewall common commands part1
For starting or stopping firewall services
cpstop-Stop all Check Point services except cprid . You can also stop specific services by issuing an option with cpstop. For instance cpstop FW1 stops FW-1/VPN-1 or use cpstop WebAccess to stop WebAccess.
cpstart-Start all Check Point services except cprid . cpstart works with the same options as cpstop .
cprestart-Combined cpstop and cpstart . Complete restart.
cpridstop, cpridstart, cpridrestart-Stop, start or restart cprid , the Check Point Remote Installation Daemon.
fw kill [-t sig] proc-Kill a Firewall process. PID file in $FWDIR/tmp/ must be present. Per default sends signal 15 (SIGTERM).Example: fw kill -t 9 fwm
fw unloadlocal– Uninstalls local security policy and disables IP forwarding.
For getting basic firewall information :
fw ver [-k] , fwm [mds] ver, vpn ver [-k], fgate ver-Show major and minor version as well as build number and latest installed hotfix of a Check Point module. Show additional kernel version information with -k switch.
ver-Show CP version and build as well as kernel info.
cpshared_ver-Show the version of the SVN Foundation.
cpview-Tool combining several Check Point and Linux commands into a great text based tool providing both OS and software blade information.
fw stat, fw stat <-l|–long>, fw stat <-s|–short> -Show the name of the current policy and a brief interface list. Use -l or -s for more info. Consider using cpstat fw instead of -l or -s switch for better formatted output.
fw ctl iflist-Display interface list.
fw ctl arp [-n]-Display proxy arp table. -n disables name resolution.
cp_conf finger get-Display fingerprint on the management module.
cp_conf client get-Display GUI clients list.
cp_conf admin get-Display admin accounts and permissions. Also fwm -p
cp_conf auto get <fw1|fg1|rm|all> – Display autostart state of Check Point modules.
cpstop-Stop all Check Point services except cprid . You can also stop specific services by issuing an option with cpstop. For instance cpstop FW1 stops FW-1/VPN-1 or use cpstop WebAccess to stop WebAccess.
cpstart-Start all Check Point services except cprid . cpstart works with the same options as cpstop .
cprestart-Combined cpstop and cpstart . Complete restart.
cpridstop, cpridstart, cpridrestart-Stop, start or restart cprid , the Check Point Remote Installation Daemon.
fw kill [-t sig] proc-Kill a Firewall process. PID file in $FWDIR/tmp/ must be present. Per default sends signal 15 (SIGTERM).Example: fw kill -t 9 fwm
fw unloadlocal– Uninstalls local security policy and disables IP forwarding.
For getting basic firewall information :
fw ver [-k] , fwm [mds] ver, vpn ver [-k], fgate ver-Show major and minor version as well as build number and latest installed hotfix of a Check Point module. Show additional kernel version information with -k switch.
ver-Show CP version and build as well as kernel info.
cpshared_ver-Show the version of the SVN Foundation.
cpview-Tool combining several Check Point and Linux commands into a great text based tool providing both OS and software blade information.
fw stat, fw stat <-l|–long>, fw stat <-s|–short> -Show the name of the current policy and a brief interface list. Use -l or -s for more info. Consider using cpstat fw instead of -l or -s switch for better formatted output.
fw ctl iflist-Display interface list.
fw ctl arp [-n]-Display proxy arp table. -n disables name resolution.
cp_conf finger get-Display fingerprint on the management module.
cp_conf client get-Display GUI clients list.
cp_conf admin get-Display admin accounts and permissions. Also fwm -p
cp_conf auto get <fw1|fg1|rm|all> – Display autostart state of Check Point modules.
Comments
Post a Comment